P
US10885203B2ActiveUtilityPatentIndex 72

Encrypted data exchange

Assignee: ADVANCED NEW TECHNOLOGIES CO LTDPriority: Aug 1, 2019Filed: Jan 31, 2020Granted: Jan 5, 2021
Est. expiryAug 1, 2039(~13.1 yrs left)· nominal 20-yr term from priority
Inventors:LI LICHUNLIN WENZHENYIN SHAN
H04L 9/008G06F 21/60H04L 63/0428H04L 2209/46H04L 9/0643G06F 21/6245G06F 21/602
72
PatentIndex Score
2
Cited by
13
References
18
Claims

Abstract

A computer-implemented method includes: encrypting, by a first data party, identification data to generate a first identification data ciphertext, in which the first data party holds an identification dataset including the identification data; sending a first ciphertext set to a second data party, in which the first ciphertext set includes the first identification data ciphertext; receiving a second ciphertext set from the second data party; decrypting the second identification data ciphertext to generate a third identification data ciphertext, in which a third ciphertext set includes the third identification data ciphertext; receiving a fourth ciphertext set from the second data party, obtaining the third identification data ciphertext common to the third ciphertext set and the fourth ciphertext set; calculating a homomorphic addition result of the business data ciphertext corresponding to the third identification data ciphertext; and sending the homomorphic addition result to the second data party.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A computer-implemented method for a first data party and a second data party to jointly and securely compute an aggregated result from user data stored by the second data party for a set of users whose membership is maintained by the first data party without the second data party being exposed to the membership of the set and without the first data party being exposed to the user data, the method comprising:
 encrypting, by the first data party, identification data representing membership in the set of users, to generate a first identification data ciphertext; 
 sending, by the first data party to the second data party, the first identification data ciphertext representing membership in the set of users; 
 receiving, by the first data party from the second data party, a second identification data ciphertext obtained by the second data party encrypting the first identification data ciphertext; 
 performing, by the first data party, a homomorphic decryption process on the second identification data ciphertext to generate a third identification data ciphertext representing the membership of the set encrypted by the second data party but not by the first data party; 
 receiving, by the first data party, from the second data party, a ciphertext set, the ciphertext set comprising encrypted identification data stored by the second data party, homomorphically encrypted user data stored by the second data party, and mappings between identities in the encrypted identification data and corresponding encrypted user data; 
 calculating, by the first data party, an intersection set of the encrypted identification data and the third identification data ciphertext; 
 calculating, by the first data party, a homomorphic addition result of encrypted user data mapped to the intersection set; and 
 sending, by the first data party, the homomorphic addition result to the second data party, the homomorphic addition result being decryptable by the second data party to obtain the aggregated result. 
 
     
     
       2. The computer-implemented method of  claim 1 , wherein encrypting the identification data representing membership in the set of users comprises:
 obtaining an encoded value of the identification data; and 
 encrypting the encoded value of the identification data. 
 
     
     
       3. The computer-implemented method of  claim 1 ,
 wherein the first data party holds an encryption key; 
 wherein encrypting the identification data representing membership in the set of users comprises encrypting the identification data using the encryption key; and 
 wherein performing the homomorphic decryption process comprises decrypting the second identification data ciphertext using a decryption key corresponding to the encryption key. 
 
     
     
       4. The computer-implemented method of  claim 1 , wherein performing the homomorphic decryption process comprises:
 decrypting the second identification data ciphertext to obtain a decryption result; and 
 encoding the decryption result, the encoded decryption result being the third identification data ciphertext. 
 
     
     
       5. The computer-implemented method of  claim 4 , wherein encoding the decryption result comprises hashing the decryption result. 
     
     
       6. The computer-implemented method of  claim 1 , wherein sending the first identification data ciphertext to the second data party comprises:
 reordering data elements in the first identification data ciphertext to obtain an out-of-order first identification data ciphertext; and 
 sending the out-of-order first identification data ciphertext to the second data party. 
 
     
     
       7. A non-transitory, computer-readable medium storing one or more instructions executable by a computer system to perform operations for a first data party and a second data party to jointly and securely compute an aggregated result from user data stored by the second data party for a set of users whose membership is maintained by the first data party without the second data party being exposed to the membership of the set and without the first data party being exposed to the user data, the operations comprising
 encrypting, by the first data party, identification data representing membership in the set of users, to generate a first identification data ciphertext; 
 sending, by the first data party to the second data party, the first identification data ciphertext representing membership in the set of users; 
 receiving, by the first data party from the second data party, a second identification data ciphertext obtained by the second data party encrypting the first identification data ciphertext; 
 performing, by the first data party, a homomorphic decryption process on the second identification data ciphertext to generate a third identification data ciphertext representing the membership of the set encrypted by the second data party but not by the first data party; 
 receiving, by the first data party, from the second data party, a ciphertext set, the ciphertext set comprising encrypted identification data stored by the second data party, homomorphically encrypted user data stored by the second data party, and mappings between identities in the encrypted identification data and corresponding encrypted user data; 
 calculating, by the first data party, an intersection set of the encrypted identification data and the third identification data ciphertext; 
 calculating, by the first data party, a homomorphic addition result of encrypted user data mapped to the intersection set; and 
 sending, by the first data party, the homomorphic addition result to the second data party, the homomorphic addition result being decryptable by the second data party to obtain the aggregated result. 
 
     
     
       8. The non-transitory, computer-readable medium of  claim 7 , wherein encrypting the identification data representing membership in the set of users comprises:
 obtaining an encoded value of the identification data; and 
 encrypting the encoded value of the identification data. 
 
     
     
       9. The non-transitory, computer-readable medium of  claim 7 ,
 wherein the first data party holds an encryption key; 
 wherein encrypting the identification data representing membership in the set of users comprises encrypting the identification data using the encryption key; and 
 wherein performing the homomorphic decryption process comprises decrypting the second identification data ciphertext using a decryption key corresponding to the encryption key. 
 
     
     
       10. The non-transitory, computer-readable medium of  claim 7 , wherein performing the homomorphic decryption process comprises:
 decrypting the second identification data ciphertext to obtain a decryption result; and 
 encoding the decryption result, the encoded decryption result being the third identification data ciphertext. 
 
     
     
       11. The non-transitory, computer-readable medium of  claim 10 , wherein encoding the decryption result comprises hashing the decryption result. 
     
     
       12. The non-transitory, computer-readable medium of  claim 7 , wherein sending the first identification data ciphertext to the second data party comprises:
 reordering data elements in the first identification data ciphertext to obtain an out-of-order first identification data ciphertext; and 
 sending the out-of-order first identification data ciphertext to the second data party. 
 
     
     
       13. A computer-implemented system, comprising:
 one or more computers; and 
 one or more computer memory devices interoperably coupled with the one or more computers and having tangible, non-transitory, machine-readable media storing one or more instructions that, when executed by the one or more computers, perform operations for a first data party and a second data party to jointly and securely compute an aggregated result from user data stored by the second data party for a set of users whose membership is maintained by the first data party without the second data party being exposed to the membership of the set and without the first data party being exposed to the user data, the operations comprising:
 encrypting, by the first data party, identification data representing membership in the set of users, to generate a first identification data ciphertext; 
 sending, by the first data party to the second data party, the first identification data ciphertext representing membership in the set of users; 
 receiving, by the first data party from the second data party, a second identification data ciphertext obtained by the second data party encrypting the first identification data ciphertext; 
 performing, by the first data party, a homomorphic decryption process on the second identification data ciphertext to generate a third identification data ciphertext representing the membership of the set encrypted by the second data party but not by the first data party; 
 receiving, by the first data party, from the second data party, a ciphertext set, the ciphertext set comprising encrypted identification data stored by the second data party, homomorphically encrypted user data stored by the second data party, and mappings between identities in the encrypted identification data and corresponding encrypted user data; 
 calculating, by the first data party, an intersection set of the encrypted identification data and the third identification data ciphertext; 
 calculating, by the first data party, a homomorphic addition result of encrypted user data mapped to the intersection set; and 
 sending, by the first data party, the homomorphic addition result to the second data party, the homomorphic addition result being decryptable by the second data party to obtain the aggregated result. 
 
 
     
     
       14. The computer-implemented system of  claim 13 , wherein encrypting the identification data representing membership in the set of users comprises:
 obtaining an encoded value of the identification data; and 
 encrypting the encoded value of the identification data. 
 
     
     
       15. The computer-implemented system of  claim 13 ,
 wherein the first data party holds an encryption key; 
 wherein encrypting the identification data representing membership in the set of users comprises encrypting the identification data using the encryption key; and 
 wherein performing the homomorphic decryption process comprises decrypting the second identification data ciphertext using a decryption key corresponding to the encryption key. 
 
     
     
       16. The computer-implemented system of  claim 13 , wherein performing the homomorphic decryption process comprises:
 decrypting the second identification data ciphertext to obtain a decryption result; and 
 encoding the decryption result, the encoded decryption result being the third identification data ciphertext. 
 
     
     
       17. The computer-implemented system of  claim 16 , wherein encoding the decryption result comprises hashing the decryption result. 
     
     
       18. The computer-implemented system of  claim 13 , wherein sending the first identification data ciphertext to the second data party comprises:
 reordering data elements in the first identification data ciphertext to obtain an out-of-order first identification data ciphertext; and 
 sending the out-of-order first identification data ciphertext to the second data party.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.